The European Union’s “Cookie Directive” went into effect on May 26, 2012.

The new law requires EU-owned websites, as well as those merely accessible to EU users, to tell visitors about cookies that track traffic on their sites. In addition, websites must obtain “informed consent” from users before saving cookies to their computers.

For the time being, the implications of the directive for US companies appear to be limited. But businesses with globally focused websites – and in particular those that target EU users – should consider following the recommendations of three recent advisories aimed at UK companies:

“The [Information Commissioner's Office (ICO)] will expect companies to have taken steps to comply with the rules … and have a realistic plan in place for complying with the rules by a date certain. According to the ICO, using the monetary penalties built into the law as an enforcement option has not been ruled out, but formal ‘undertakings’ and enforcement notices are likely to be more useful in achieving compliance.” (UK Cookie Law “Grace Period” Expires — Enforcement to Begin by Mintz Levin)